General

  • Target

    0892a3e368f8ad141d218e880613462374b3f9906ce3faff977952677c3af621

  • Size

    71KB

  • MD5

    184fbd147e905c578080872c45b9c023

  • SHA1

    2d091ba90484937a93570a2526bac8b52c8ccce0

  • SHA256

    0892a3e368f8ad141d218e880613462374b3f9906ce3faff977952677c3af621

  • SHA512

    d3467847da1eb5d9425c6adf3473f210d8a766a0cf3cbfe45ab08c99ee2a1a8d1aa356980c046c9cd9572e050529559292f184c3fdee2e3efd6600d9689364f1

  • SSDEEP

    1536:s7ZppApdIIC0/2YtBUOqHCQNm2zs+dD8dlxhiCW1aQx6:spWpI0/2YjUOqHxNmMdIdlxhu0

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0892a3e368f8ad141d218e880613462374b3f9906ce3faff977952677c3af621
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e


    Headers

    Imports

    Sections